Bump golang.org/x/net from 0.20.0 to 0.25.0

stakater / Reloader

A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!

https://docs.stakater.com/reloader/

Apache License 2.0

7.12k stars 476 forks source link

Bump golang.org/x/net from 0.20.0 to 0.25.0 #672

Closed antoinerg closed 1 month ago

antoinerg commented 1 month ago

Fixes CVE-2023-45288 present in x/net

EDIT: scanning the image using trivy still reports the CVE above because of stdlib

github-actions[bot] commented 1 month ago

@antoinerg Yikes! You better fix it before anyone else finds out! Build has Failed!

antoinerg commented 1 month ago

@antoinerg Yikes! You better fix it before anyone else finds out! Build has Failed!

[nix-shell:~/plotly/Reloader]$ golangci-lint run --out-format=colored-line-number
internal/pkg/controller/controller.go:121:7: previous case (typecheck)
    case *v1.ConfigMap:
         ^
internal/pkg/controller/controller.go:135:7: previous case (typecheck)
    case *v1.ConfigMap:
         ^

I don't think the build failure is related to the changes made here :point_up:

antoinerg commented 1 month ago

@SheryarButt @MuneebAijaz can you help me get this change to the finish line?

Thank you :bow:

github-actions[bot] commented 1 month ago

@antoinerg Images are available for testing. docker pull ghcr.io/stakater/reloader:SNAPSHOT-PR-672-2c4a6d5e\ndocker pull ghcr.io/stakater/reloader:SNAPSHOT-PR-672-UBI-2c4a6d5e